Cybercrimes that pose the greatest threats to your business
Unfortunately, this year goes down the books as a flourishing one for hackers as they committed cybercrimes of huge proportions.
Before, hacking is mostly known for fraud and theft. Unfortunately in the past few years it has become more sophisticated as different kinds of enterprises suffered the brunt of massive data breaches that place disaster recovery plans in the forefront.
Let’s have a look back at some of the most unforgettable ones we saw in 2016:
- Ransomware in Hospitals
Hospitals and medical facilities are lucrative targets for ransomware. Hackers can “hostage” sensitive patient data in exchange for ransom money, which could rack up as much as $40,000. This was the value of 45 bitcoins that attackers earned from hacking Union Memorial Hospital in Maryland.
Several ransomware cases also caused hospital computer systems to shut down, including those in the Hollywood Presbyterian Medical Center, LA; Methodist Hospital in Henderson, Kentucky; and in Neuss, Germany. The medical staff was locked out of the hospital’s computer network, forcing them to perform record-keeping tasks through pen and paper.
- Bangladesh Bank Heist
A whopping $81 million disappeared from the infamous heist committed against the Bank of Bangladesh in early 2016. The hackers apparently stole the SWIFT (Society for Worldwide Interbank Financial Telecommunication) credentials of the bank’s employees to send fraudulent money transfer requests over at the Federal Reserve Bank of New York to bank accounts in the Philippines and Sri Lanka.
At best, a succeeding attack at the bank fumbled over a typo error. Otherwise, the total payout could have amounted to $1 billion.
- COMELEC Website Hacking
The Commission on Elections website was the subject of large-scale hacking in late March 2016, just before the Philippines was scheduled to conduct the May 2016 national elections. Not only was the site defaced, but voters’ data got leaked online as well, with the hacking group purportedly launching the attack to pressure the COMELEC to implement security features on the agency’s automated vote-counting machines.
- Yahoo! Data Breach
Yahoo! has been mired in turmoil ever since it announced just this September that a 2014 breach put millions of user account data at risk. The Internet giant reported anew this past week that a separate hacking incident in 2013 might have compromised another 1 billion more of Yahoo! users’ accounts.
Its chief information security officer, Bob Lord, explained that hackers used “forged cookies” – or the coding that gets stored in a user’s browser – to gain unauthorised entry to the accounts in question.
Yahoo! was quick to assure users that the hack did not involve any credit card and bank account information, but advised account holders to change their passwords immediately.
Suiting Up Your Business Against Cybercrime
Cyber security is always a concerted effort among managers, experts, and lower-level employees in the organisation. Here are some level-specific security measures that experts recommend:
- Identify all risks related to cyber security such as those involving remote access to client information and fund transfer requests. Look into risks associated with third-party vendors as well.
- Establish cyber security governance including policies, procedures, and oversight processes.
- Be ready to detect unauthorised activities in your network.
- Encrypt your data, use antivirus software, and keep your patch levels up-to-date.
- Empower your managers to see how sensitive data flows through your system, and educate them about proper data sharing policies.
- Monitor employees’ access to corporate data and set parameters for privilege use.
- See to it that your current IT infrastructure can support the software version that you need.
- Check any disparity between your organisation’s cyber security spending and actual implementation or usage of such security solutions.
The threat, as well as the danger of cybercrime is as real as it gets. Hackers will continue with their sinister ploy to disrupt businesses and online communities to further their own advances.
Needless to say, companies should not take this sitting down. By encouraging everyone’s involvement, your organisation can minimise the risks brought about by cyber crime.